// For flags

CVE-2023-23397

Microsoft Office Outlook Privilege Escalation Vulnerability

Severity Score

9.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

25
*Multiple Sources

Exploited in Wild

Yes
*KEV

Decision

-
*SSVC
Descriptions

Microsoft Outlook Elevation of Privilege Vulnerability

Microsoft Office Outlook contains a privilege escalation vulnerability that allows for a NTLM Relay attack against another service to authenticate as the user.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-01-11 CVE Reserved
  • 2023-03-14 CVE Published
  • 2023-03-14 Exploited in Wild
  • 2023-03-16 First Exploit
  • 2023-04-04 KEV Due Date
  • 2024-08-02 CVE Updated
  • 2024-11-02 EPSS Updated
CWE
  • CWE-20: Improper Input Validation
  • CWE-294: Authentication Bypass by Capture-replay
CAPEC
References (26)
URL Tag Source
URL Date SRC
https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY 2023-03-16
https://github.com/ahmedkhlief/CVE-2023-23397-POC 2023-03-17
https://github.com/ahmedkhlief/CVE-2023-23397-POC-Using-Interop-Outlook 2023-03-17
https://github.com/Pushkarup/CVE-2023-23397 2023-10-26
https://github.com/Cyb3rMaddy/CVE-2023-23397-Report 2023-03-24
https://github.com/api0cradle/CVE-2023-23397-POC-Powershell 2023-03-17
https://github.com/Trackflaw/CVE-2023-23397 2023-03-24
https://github.com/ka7ana/CVE-2023-23397 2023-03-16
https://github.com/tiepologian/CVE-2023-23397 2023-03-21
https://github.com/grn-bogo/CVE-2023-23397 2023-03-16
https://github.com/vlad-a-man/CVE-2023-23397 2023-05-07
https://github.com/djackreuter/CVE-2023-23397-PoC 2023-03-18
https://github.com/alicangnll/CVE-2023-23397 2023-03-17
https://github.com/3yujw7njai/CVE-2023-23397-POC 2023-03-31
https://github.com/cleverg0d/CVE-2023-23397-PoC-PowerShell 2023-03-17
https://github.com/moneertv/CVE-2023-23397 2023-03-18
https://github.com/j0eyv/CVE-2023-23397 2023-03-16
https://github.com/Symbolexe/CVE-2023-23397 2024-06-22
https://github.com/SecCTechs/CVE-2023-23397 2023-03-20
https://github.com/stevesec/CVE-2023-23397 2023-03-23
https://github.com/jacquesquail/CVE-2023-23397 2023-03-29
https://github.com/im007/CVE-2023-23397 2023-03-17
https://github.com/alsaeroth/CVE-2023-23397-POC 2024-02-07
https://github.com/Zeppperoni/CVE-2023-23397-Patch 2023-03-24
https://github.com/TheUnknownSoul/CVE-2023-23397-PoW 2024-03-20
URL Date SRC
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23397 2024-05-29
URL Date SRC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Microsoft
Search vendor "Microsoft"
 365 Apps
Search vendor "Microsoft" for product "365 Apps"
-enterprise
Affected
Microsoft
Search vendor "Microsoft"
 Office
Search vendor "Microsoft" for product "Office"
 2019
Search vendor "Microsoft" for product "Office" and version "2019"
-
Affected
Microsoft
Search vendor "Microsoft"
 Office
Search vendor "Microsoft" for product "Office"
 2021
Search vendor "Microsoft" for product "Office" and version "2021"
ltsc
Affected
Microsoft
Search vendor "Microsoft"
 Outlook
Search vendor "Microsoft" for product "Outlook"
 2013
Search vendor "Microsoft" for product "Outlook" and version "2013"
sp1
Affected
Microsoft
Search vendor "Microsoft"
 Outlook
Search vendor "Microsoft" for product "Outlook"
 2013
Search vendor "Microsoft" for product "Outlook" and version "2013"
sp1, rt
Affected
Microsoft
Search vendor "Microsoft"
 Outlook
Search vendor "Microsoft" for product "Outlook"
 2016
Search vendor "Microsoft" for product "Outlook" and version "2016"
-
Affected